mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-05-08 14:23:11 +00:00
7a6036f7cf
Since we are using docker for running the tests we can no longer rely on groups.ipaserver[0] as the managed host hostname.
36 lines
863 B
YAML
36 lines
863 B
YAML
---
|
|
- name: Playbook to configure IPA server step1
|
|
hosts: ipaserver
|
|
become: true
|
|
vars:
|
|
ipaserver_external_ca: yes
|
|
ipaserver_copy_csr_to_controller: yes
|
|
|
|
roles:
|
|
- role: ipaserver
|
|
state: present
|
|
|
|
- name: Create CA, get /root/ipa.csr signed by your CA, ..
|
|
hosts: localhost
|
|
|
|
tasks:
|
|
- name: Run external-ca.sh
|
|
command: >
|
|
/bin/bash
|
|
external-ca.sh
|
|
"{{ groups.ipaserver[0] }}"
|
|
"{{ ipaserver_domain | default(groups.ipaserver[0].split('.')[1:] | join ('.')) }}"
|
|
args:
|
|
chdir: "{{ playbook_dir }}"
|
|
|
|
- name: Playbook to configure IPA server step2
|
|
hosts: ipaserver
|
|
become: true
|
|
vars:
|
|
ipaserver_external_cert_files_from_controller: "{{ groups.ipaserver[0] + '-chain.crt' }}"
|
|
#ipaserver_external_ca_file: "{{ groups.ipaserver[0] + '-cacert.asc' }}"
|
|
|
|
roles:
|
|
- role: ipaserver
|
|
state: present
|